外掛標籤
開發者團隊
原文外掛簡介
NPC Maintenance Inspector performs 9-point health diagnostics on your WordPress site directly from the admin dashboard:
WordPress core updates — Detect missing core updates.
Plugin updates — List plugins with available updates.
Site Health issues — Extract critical issues from WP standard Site Health API.
PHP version — Warn on end-of-life PHP versions.
Error log analysis — Summarize debug.log entries and save a one-click backup to uploads/ for safe review.
File integrity — Detect suspicious code patterns in core files (eval / base64_decode / etc.) by comparing checksums against the WordPress.org Checksum API.
Suspicious files — Find unexpected PHP files in wp-content/uploads/, with built-in whitelist for known legitimate plugin files (Ajax Load More templates, WP STAGING index.php, AIOS firewall rules, etc.).
SSL certificate — Check days until expiration (warn under 30 days, critical at 0).
File permissions — Check critical files like wp-config.php, .htaccess, wp-content/.
Operational features:
History — Keep the last 10 diagnoses as a custom post type.
Scheduled auto-check — Run daily, weekly, or monthly via WP Cron.
Email notifications — Send alerts only on critical issues.
One-click debug.log clear — Truncate the log while preserving file permissions.
Optional AI report — Generate maintenance suggestions via Anthropic Claude API. Disabled by default; opt-in via a wp-config.php constant.
The plugin is locked to the user who activated it and to the original site URL, so it stays inert after backup restores to a different domain.
External services
This plugin can optionally connect to the Anthropic Claude API (https://api.anthropic.com/v1/messages) to generate AI-powered maintenance reports. This is the only external service the plugin ever contacts.
When is data sent?
When you manually click the “Generate AI Report” button in the admin.
When an automatic scheduled diagnosis detects a critical issue and notifications are enabled. In that case the AI report is generated once per critical run and attached to the notification email.
What data is sent?
The diagnosis result text only:
Site URL, site name, WordPress version, theme name
Counts of plugin updates / Site Health issues / error-log entries
PHP version, memory limit, max upload size
SSL expiration date and days remaining
File-permission status of critical files
Suspicious code patterns detected (function names like eval, base64_decode)
No login data, no post content, no personal data of site visitors.
Is the data sent unconditionally?
No. The AI feature is completely disabled unless you define NPCMI_API_KEY in wp-config.php. Without that constant, no external connection to Anthropic is ever made.
Anthropic’s terms and privacy policy:
Consumer Terms of Service: https://www.anthropic.com/legal/consumer-terms
Privacy Policy: https://www.anthropic.com/legal/privacy
Commercial Terms of Service (if you use a paid API plan): https://www.anthropic.com/legal/commercial-terms
By enabling the AI report feature (i.e. by defining NPCMI_API_KEY), you agree to Anthropic’s applicable terms.
